
1   //
2   //  ========================================================================
3   //  Copyright (c) 1995-2013 Mort Bay Consulting Pty. Ltd.
4   //  ------------------------------------------------------------------------
5   //  All rights reserved. This program and the accompanying materials
6   //  are made available under the terms of the Eclipse Public License v1.0
7   //  and Apache License v2.0 which accompanies this distribution.
8   //
9   //      The Eclipse Public License is available at
10  //      http://www.eclipse.org/legal/epl-v10.html
11  //
12  //      The Apache License v2.0 is available at
13  //      http://www.opensource.org/licenses/apache2.0.php
14  //
15  //  You may elect to redistribute this code under either of these licenses.
16  //  ========================================================================
17  //
18  
19  package org.eclipse.jetty.jaas.spi;
20  
21  import java.sql.Connection;
22  import java.sql.PreparedStatement;
23  import java.sql.ResultSet;
24  import java.sql.SQLException;
25  import java.util.ArrayList;
26  import java.util.List;
27  import java.util.Map;
28  
29  import javax.security.auth.Subject;
30  import javax.security.auth.callback.CallbackHandler;
31  
32  import org.eclipse.jetty.util.log.Log;
33  import org.eclipse.jetty.util.log.Logger;
34  import org.eclipse.jetty.util.security.Credential;
35  
36  /**
37   * AbstractDatabaseLoginModule
38   *
39   * Abstract base class for LoginModules that interact with a
40   * database to retrieve authentication and authorization information.
41   * Used by the JDBCLoginModule and DataSourceLoginModule.
42   *
43   */
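public abstract class AbstractDatabaseLoginModule extends AbstractLoginModule
{
    private static final Logger LOG = Log.getLogger(AbstractDatabaseLoginModule.class);

    // SQL text assembled once in initialize(); each holds a single '?' placeholder
    // that getUserInfo() binds to the user name.
    private String userQuery;
    private String rolesQuery;

    // Table and column names read from the login module options. They are
    // concatenated verbatim into the SQL text above (identifiers cannot be bound
    // as '?' parameters), so they must only ever come from trusted configuration.
    private String dbUserTable;
    private String dbUserTableUserField;
    private String dbUserTableCredentialField;
    private String dbUserRoleTable;
    private String dbUserRoleTableUserField;
    private String dbUserRoleTableRoleField;


    /**
     * Obtain the connection used for the credential and role lookups.
     * {@link #getUserInfo(String)} closes the returned connection when it finishes.
     *
     * @return a java.sql.Connection from the database
     * @throws Exception if a connection cannot be obtained
     */
    public abstract Connection getConnection () throws Exception;


    /* ------------------------------------------------ */
    /**
     * Load the stored credential and the role names for a user.
     * <p>
     * The user name is always passed as a bound parameter, never concatenated
     * into the SQL text.
     *
     * @param userName the user whose information is loaded
     * @return the user's info, or <code>null</code> if the credential query returns
     *         no row or a null credential value
     * @throws Exception if the connection cannot be obtained or a query fails
     */
    public UserInfo getUserInfo (String userName)
        throws Exception
    {
        try (Connection connection = getConnection())
        {
            // Look up the stored credential; only the first row is considered.
            String dbCredential = null;
            try (PreparedStatement credentialStatement = connection.prepareStatement (userQuery))
            {
                credentialStatement.setString (1, userName);
                try (ResultSet credentialRows = credentialStatement.executeQuery())
                {
                    if (credentialRows.next())
                    {
                        dbCredential = credentialRows.getString(1);
                    }
                }
            }

            // No row, or a null credential column: report "no such user" to the
            // caller and skip the role lookup.
            if (dbCredential == null)
            {
                return null;
            }

            // Collect every role row for the user.
            List<String> roles = new ArrayList<>();
            try (PreparedStatement rolesStatement = connection.prepareStatement (rolesQuery))
            {
                rolesStatement.setString (1, userName);
                try (ResultSet roleRows = rolesStatement.executeQuery())
                {
                    while (roleRows.next())
                    {
                        roles.add (roleRows.getString (1));
                    }
                }
            }

            // NOTE(review): how the stored string is interpreted (plain text, hashed,
            // prefixed) is decided inside Credential.getCredential, which is not
            // visible here - confirm before relying on a particular storage format.
            return new UserInfo (userName, Credential.getCredential(dbCredential), roles);
        }
    }


    /**
     * Read the table and column names from the login module options and build
     * the credential and role queries.
     * <p>
     * Options read: <code>userTable</code>, <code>userField</code>,
     * <code>credentialField</code>, <code>userRoleTable</code>,
     * <code>userRoleUserField</code> and <code>userRoleRoleField</code>.
     * Their values are inserted into the SQL text as-is, without quoting or
     * validation, so the login configuration must not be writable by, or derived
     * from, untrusted parties. A missing option is reported at warn level because
     * the query would otherwise silently contain the literal text "null".
     *
     * @param subject the subject passed on to the superclass
     * @param callbackHandler the callback handler passed on to the superclass
     * @param sharedState shared state passed on to the superclass
     * @param options the login module options holding the table and column names
     */
    @Override
    public void initialize(Subject subject,
            CallbackHandler callbackHandler,
            Map<String,?> sharedState,
            Map<String,?> options)
    {
        super.initialize(subject, callbackHandler, sharedState, options);

        // identifiers for the credential lookup
        dbUserTable = readIdentifierOption(options, "userTable");
        dbUserTableUserField = readIdentifierOption(options, "userField");
        dbUserTableCredentialField = readIdentifierOption(options, "credentialField");

        userQuery = "select "+dbUserTableCredentialField+" from "+dbUserTable+" where "+dbUserTableUserField+"=?";

        // identifiers for the role lookup
        dbUserRoleTable = readIdentifierOption(options, "userRoleTable");
        dbUserRoleTableUserField = readIdentifierOption(options, "userRoleUserField");
        dbUserRoleTableRoleField = readIdentifierOption(options, "userRoleRoleField");

        rolesQuery = "select "+dbUserRoleTableRoleField+" from "+dbUserRoleTable+" where "+dbUserRoleTableUserField+"=?";

        // The logged text holds only identifiers and the '?' placeholder,
        // never a user name or credential value.
        if (LOG.isDebugEnabled())
        {
            LOG.debug("userQuery = "+userQuery);
            LOG.debug("rolesQuery = "+rolesQuery);
        }
    }


    /**
     * Fetch one identifier option, warning when it is absent or blank.
     * The value is returned unchanged so the generated SQL is exactly what the
     * configuration specifies.
     */
    private static String readIdentifierOption(Map<String,?> options, String key)
    {
        String value = (String)options.get(key);
        if (value == null || value.trim().isEmpty())
        {
            LOG.warn("Login module option '"+key+"' is not set; the generated query will not be valid");
        }
        return value;
    }
}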